package com.czh.codesandbox.controller;


import cn.hutool.json.JSONUtil;
import com.czh.codesandbox.JavaNativeCodeSandbox;
import com.czh.codesandbox.model.ExecuteCodeRequest;
import com.czh.codesandbox.model.ExecuteCodeResponse;
import com.czh.codesandbox.utils.SignUtils;
import com.fasterxml.jackson.databind.deser.impl.CreatorCandidate;
import org.apache.commons.lang3.StringUtils;
import org.glassfish.jersey.internal.inject.ParamConverters;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.ext.ParamConverter;

/*
 * ClassName: Welcontroller
 * Package: com.czh.codesandbox.controller
 * Description:
 * @Author: CZH
 * @Create: 2025
 */
@RestController("/")
public class MainController {

    private static final String AUTH_REQUEST_HEADER = "authorization";

    private static final String AUTH_REQUEST_SECRET = "hj8gv8F88g";

    @Resource
    private JavaNativeCodeSandbox javaNativeCodeSandbox;

    /**
     * 执行代码
     * @param executeCodeRequest
     * @return
     */
    @PostMapping("/sandbox")
    ExecuteCodeResponse executeCode(@RequestBody ExecuteCodeRequest executeCodeRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String header = httpServletRequest.getHeader("accessKey");
//        String nonce = httpServletRequest.getHeader("nonce");
        String body = httpServletRequest.getHeader("body");
        String timestamp = httpServletRequest.getHeader("timestamp");
        //将String类型的数据转换成long类型
        System.out.println("+++++++++++++++++++");
        long time = Long.parseLong(timestamp);
        System.out.println("time = " + time);
        String sign = httpServletRequest.getHeader("sign");
        //查询数据库的
        if (!AUTH_REQUEST_HEADER.equals(header)) {
            httpServletResponse.setStatus(403);
            throw new RuntimeException("AUTH_REQUEST_HEADER 校验失败！");
        }
        //通过redis缓存的nonce值来判断是否
//        if(randomnum.equals(nonce)){
//            httpServletResponse.setStatus(403);
//            return null;
//        }
        //校验请求参数是否被篡改
        String jsonStr = JSONUtil.toJsonStr(body);
        if(!jsonStr.equals(body)){
            httpServletResponse.setStatus(403);
            throw new RuntimeException("body 校验失败！");
        }
        //校验超时时间
        long nowTime = System.currentTimeMillis() / 1000;
        System.out.println("nowTime = " + nowTime);
        if(nowTime - time > 600){
            httpServletResponse.setStatus(403);
            throw new RuntimeException("请求超时！");
        }
        //校验签名
        String newjson = JSONUtil.toJsonStr(executeCodeRequest);
        String newSign = SignUtils.getSign(newjson,AUTH_REQUEST_SECRET);
        if(!newSign.equals(sign)){
            httpServletResponse.setStatus(403);
            throw new RuntimeException("Sign 校验失败！");
        }
        if(executeCodeRequest == null){
            throw new RuntimeException("请求参数为空！");
        }
        return javaNativeCodeSandbox.executeCode(executeCodeRequest);
    }
}
